LM hash

from Wikipedia, the free encyclopedia

The LAN Manager hash, or LM hash, is a cryptographic hash function. It is used by Microsoft LAN Manager and, in some cases, by Windows NT-based operating systems to store 128-bit hash values of passwords. The LM hash was originally developed for Microsoft LAN Manager. Since then it has been used in both LAN Manager and Microsoft Windows to store user passwords that are shorter than 15 characters. It is the only type of hash function used in Microsoft LAN Manager and in Windows versions through Windows Me. Newer Windows versions still support it, but only for backward compatibility; it is not used for authenticating accounts.

Algorithm

The LM hash is calculated as follows:

  1. The user's password, in the form of an OEM string, is converted to uppercase letters.
  2. If the password is shorter than 14 bytes, it is padded with zero values.
  3. The fixed-length password is split into two 7-byte halves.
  4. A 64-bit DES key is generated from each half by inserting a non-parity bit after every 7 bits.
  5. Each of these keys is used to encrypt the constant ASCII string “KGS!@#$%” with DES, resulting in two 8-byte ciphertext values.
  6. These two ciphertext values are concatenated to form the 16-byte value that is the LM hash.
    • If the password was shorter than 8 characters, the second half always contains the hash of 7 zero bytes.

If a password is chosen for which no LM hash can be formed, e.g. one with a length of at least 15 characters, both halves are filled with zeros. The same value is also produced if the generation of LM hashes has been disabled entirely on the system.
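The six steps above as an added Go example (not part of the original article). It assumes ASCII-only passwords, so OEM code page conversion is not modelled; the names `expandKey` and `LMHash` and the sample passwords are chosen here for illustration.

```go
package main

import (
	"crypto/des"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// expandKey implements step 4: 7 bytes (56 bits) become an 8-byte DES key.
// Each key byte carries 7 password bits in its high bits; the inserted low
// bit is left 0, which is harmless because DES ignores it.
func expandKey(half []byte) []byte {
	var v uint64
	for _, b := range half {
		v = v<<8 | uint64(b)
	}
	key := make([]byte, 8)
	for i := range key {
		key[i] = byte(v>>uint(49-7*i)&0x7F) << 1
	}
	return key
}

// LMHash follows steps 1-6 for an ASCII password of at most 14 bytes (assumption).
func LMHash(password string) (string, error) {
	pw := []byte(strings.ToUpper(password)) // step 1: case is discarded
	if len(pw) > 14 {
		return "", errors.New("longer than 14 bytes: no LM hash is formed")
	}
	buf := make([]byte, 14) // step 2: zero padding
	copy(buf, pw)
	out := make([]byte, 0, 16)
	for _, half := range [][]byte{buf[:7], buf[7:]} { // step 3: independent halves
		c, err := des.NewCipher(expandKey(half))
		if err != nil {
			return "", err
		}
		ct := make([]byte, 8)
		c.Encrypt(ct, []byte("KGS!@#$%")) // step 5: fixed plaintext, no salt
		out = append(out, ct...)          // step 6
	}
	return hex.EncodeToString(out), nil
}

func main() {
	for _, p := range []string{"password", "PassWord", "short"} { // constructed samples
		h, _ := LMHash(p)
		fmt.Printf("%-10s %s | %s\n", p, h[:16], h[16:])
	}
}
```

The output shows that differently cased inputs give the same hash and that any password of 7 characters or fewer ends in the same second half, which is what an auditor can look for when reviewing stored hashes.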

Security weakness

Although the LM hash is based on DES, it can be cracked easily because of two weaknesses in its design. First, passwords longer than seven characters are split into two 7-byte pieces and each piece is hashed on its own. Second, all lowercase letters in the password are converted to uppercase before the password is hashed. The first weakness allows each half of the password to be attacked separately. While different passwords can be formed from up to 14 letters of inconsistent upper / lower case and other characters permitted in a password, there are only different 1-7 character passwords that use the same character set. By converting the string to capital letters, the number of possibilities for each half is reduced to . If a brute-force attack is carried out on the individual halves, modern, powerful CPUs can crack alphanumeric LM hashes on a single core within a few hours.

The recovered password is then available in capital letters. If this is not already the actual password, all upper- and lower-case variants can be checked against the NTLM hash of the account in question. The computational effort for this is minimal.

Since the LM hash does not contain a salt, a time-memory trade-off cryptanalysis attack, as with rainbow tables, can also be carried out. In 2003, Ophcrack, an implementation of the rainbow table technique, was released. It specifically targets the weaknesses in LM encryption and contains precalculated data sufficient to break almost all alphanumeric LM hashes in a few seconds. Many cracking tools, such as RainbowCrack, L0phtCrack and Cain & Abel, contain similar attacks and make cracking LM hashes trivial.

In response to the security weaknesses of the LM hash, Microsoft introduced the NTLM algorithm in Windows NT 3.1. While LAN Manager is considered obsolete and current Windows operating systems use the stronger NTLM hashing method, all Windows systems still compute and store the LM hash by default to be compatible with LAN Manager and with Windows Me or earlier clients. It makes sense to disable this feature where it is not needed. Microsoft claimed that support for LM would be completely eliminated in the new Windows Vista operating system. Nevertheless, even Windows 7 includes support for the LM hash in practice, even if it is disabled by default. It can be enabled via the local security policy in system administration. In the home editions of Microsoft Windows Vista and 7, this setting is only available via the registry.
